The present invention relates to a data security system, and more particularly to computer data systems for indicating whether data has been accessed.
In many computer applications it is important to know whether a piece of data has been accessed during a given time interval, the end of such time interval often being the present time. One example of such situation is that of a stock broker transaction wherein a dishonest programmer could add his name today to the list of buyers or sellers of some earlier day's market, thus attaining financial gain based upon deterministic as opposed to probabilistic information. Such an act could not be detected since there is no explicit loss attributable to any account. Another application is where a user desires to monitor whether anyone has spied on, or destroyed by alteration, any data in an on-line system. In U.S. Pat. No. 3,599,159 issued on Aug. 10, 1971 to Creech et al and entitled "Digital Memory With Automatic Overwrite Protection," there is disclosed a multi-program system incorporating a memory protect feature whereby data can be written into only those memory locations available to the program being processed. In such system, each word in memory is provided with a special binary bit which indicates that a word is not to be modified or overwritten. The protect bit can be set at the time the word is stored in memory. When a memory is addressed, if the special binary bit is on, the existing word, which was stored in a buffer register, is written back into memory as part of the same memory cycle. At the same time, the presence of the memory protect bit signals an interrupt condition indicating that an inviolate portion of memory has been addressed.
In U.S. Pat. No. Re. 27,251, reissued on Dec. 21, 1971 to G. M. Amdahl et al, for a "Memory Protection System," there is disclosed a data processing system wherein blocks of addresses in a main memory are reserved to predetermined users. An auxiliary memory holds a key for each block of the main memory. During a memory accessing operation, the key that corresponds to the addressed block in main memory is read from the auxiliary memory and compared with the key assigned to the user. In the event of a mismatch, the user is prevented from altering the contents at the addressed location in the main memory.
While the known security systems provide various forms of data access protection by data encryption, memory access codes and software schemes, there is a need for a security system which detects and records the reading or writing of data in memory and which cannot be bypassed by a program.